syzbot

 sign-in | mailing list | source | docs
🐞 Open [965] Subsystems 🐞 Fixed [4559] 🐞 Invalid [10500] 📈 Kernel Health 📈 Bug Lifetimes 📈 Fuzzing 📈 Crashes 💬 Send us feedback

KMSAN: uninit-value in extent_fiemap

Status: upstream: reported on 2023/03/06 17:56
Labels: btrfs (incorrect?)
Reported-by: syzbot+8d245945ddc97769435f@syzkaller.appspotmail.com
First crash: 180d, last: 26d
Discussions (1)
Title Replies (including bot) Last reply
[syzbot] [btrfs?] KMSAN: uninit-value in extent_fiemap 0 (1) 2023/03/06 17:56

Sample crash report:
BTRFS info (device loop3): auto enabling async discard
=====================================================
BUG: KMSAN: uninit-value in extent_fiemap+0x2ecf/0x5e30 fs/btrfs/extent_io.c:3408
 extent_fiemap+0x2ecf/0x5e30 fs/btrfs/extent_io.c:3408
 btrfs_fiemap+0x210/0x260 fs/btrfs/inode.c:7835
 ioctl_fiemap fs/ioctl.c:219 [inline]
 do_vfs_ioctl+0x2f30/0x3cf0 fs/ioctl.c:810
 __do_compat_sys_ioctl fs/ioctl.c:962 [inline]
 __se_compat_sys_ioctl+0x6e3/0x1000 fs/ioctl.c:910
 __ia32_compat_sys_ioctl+0x93/0xd0 fs/ioctl.c:910
 do_syscall_32_irqs_on arch/x86/entry/common.c:112 [inline]
 __do_fast_syscall_32+0xa2/0x100 arch/x86/entry/common.c:178
 do_fast_syscall_32+0x37/0x80 arch/x86/entry/common.c:203
 do_SYSENTER_32+0x1f/0x30 arch/x86/entry/common.c:246
 entry_SYSENTER_compat_after_hwframe+0x70/0x82

Uninit was stored to memory at:
 read_extent_buffer fs/btrfs/extent_io.c:4652 [inline]
 btrfs_item_key fs/btrfs/accessors.h:489 [inline]
 btrfs_item_key_to_cpu fs/btrfs/accessors.h:603 [inline]
 extent_fiemap+0x206b/0x5e30 fs/btrfs/extent_io.c:3407
 btrfs_fiemap+0x210/0x260 fs/btrfs/inode.c:7835
 ioctl_fiemap fs/ioctl.c:219 [inline]
 do_vfs_ioctl+0x2f30/0x3cf0 fs/ioctl.c:810
 __do_compat_sys_ioctl fs/ioctl.c:962 [inline]
 __se_compat_sys_ioctl+0x6e3/0x1000 fs/ioctl.c:910
 __ia32_compat_sys_ioctl+0x93/0xd0 fs/ioctl.c:910
 do_syscall_32_irqs_on arch/x86/entry/common.c:112 [inline]
 __do_fast_syscall_32+0xa2/0x100 arch/x86/entry/common.c:178
 do_fast_syscall_32+0x37/0x80 arch/x86/entry/common.c:203
 do_SYSENTER_32+0x1f/0x30 arch/x86/entry/common.c:246
 entry_SYSENTER_compat_after_hwframe+0x70/0x82

Uninit was created at:
 __alloc_pages+0x9f6/0xe90 mm/page_alloc.c:5615
 __alloc_pages_bulk+0x1ad/0x20d0 mm/page_alloc.c:5540
 alloc_pages_bulk_array include/linux/gfp.h:201 [inline]
 btrfs_alloc_page_array fs/btrfs/extent_io.c:852 [inline]
 btrfs_clone_extent_buffer+0x445/0x11e0 fs/btrfs/extent_io.c:3745
 fiemap_search_slot fs/btrfs/extent_io.c:3135 [inline]
 extent_fiemap+0x1cbb/0x5e30 fs/btrfs/extent_io.c:3382
 btrfs_fiemap+0x210/0x260 fs/btrfs/inode.c:7835
 ioctl_fiemap fs/ioctl.c:219 [inline]
 do_vfs_ioctl+0x2f30/0x3cf0 fs/ioctl.c:810
 __do_compat_sys_ioctl fs/ioctl.c:962 [inline]
 __se_compat_sys_ioctl+0x6e3/0x1000 fs/ioctl.c:910
 __ia32_compat_sys_ioctl+0x93/0xd0 fs/ioctl.c:910
 do_syscall_32_irqs_on arch/x86/entry/common.c:112 [inline]
 __do_fast_syscall_32+0xa2/0x100 arch/x86/entry/common.c:178
 do_fast_syscall_32+0x37/0x80 arch/x86/entry/common.c:203
 do_SYSENTER_32+0x1f/0x30 arch/x86/entry/common.c:246
 entry_SYSENTER_compat_after_hwframe+0x70/0x82

CPU: 0 PID: 7734 Comm: syz-executor.3 Not tainted 6.3.0-syzkaller-g81af97bdef5e #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/14/2023
=====================================================

Crashes (16):
Time Kernel Commit Syzkaller Config Log Report Syz repro C repro VM info Assets Manager Title
2023/05/05 10:51 https://github.com/google/kmsan.git master 81af97bdef5e 518a39a6 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce-386 KMSAN: uninit-value in extent_fiemap
2023/05/03 07:53 https://github.com/google/kmsan.git master 81af97bdef5e 48e0a81d .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce-386 KMSAN: uninit-value in extent_fiemap
2023/03/27 17:35 https://github.com/google/kmsan.git master 90ea0df61c98 f8f96aa9 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce-386 KMSAN: uninit-value in extent_fiemap
2022/12/02 11:56 https://github.com/google/kmsan.git master 49a9a20768f5 e080de16 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce-386 KMSAN: uninit-value in extent_fiemap
2023/02/28 14:12 https://github.com/google/kmsan.git master 97e36f4aa06f 95aee97a .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce-386 KMSAN: uninit-value in paths_from_inode
2023/02/16 19:22 https://github.com/google/kmsan.git master 9c866a280876 7338e3c4 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce-386 KMSAN: uninit-value in paths_from_inode
2023/02/04 23:05 https://github.com/google/kmsan.git master eda666ff2276 be607b78 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce-386 KMSAN: uninit-value in copy_items
2023/01/26 06:38 https://github.com/google/kmsan.git master 41c66f470616 9dfcf09c .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce-386 KMSAN: uninit-value in paths_from_inode
2023/01/14 09:28 https://github.com/google/kmsan.git master e919e2b1bc1c 529798b0 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce-386 KMSAN: uninit-value in paths_from_inode
2023/01/12 17:12 https://github.com/google/kmsan.git master 219e919e391d 96166539 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce-386 KMSAN: uninit-value in paths_from_inode
2023/01/04 13:34 https://github.com/google/kmsan.git master 5c6259d6d19f 1dac8c7a .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce-386 KMSAN: uninit-value in copy_items
2022/12/24 08:16 https://github.com/google/kmsan.git master 5c6259d6d19f 9da18ae8 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce-386 KMSAN: uninit-value in paths_from_inode
2022/12/19 11:37 https://github.com/google/kmsan.git master 5c6259d6d19f 05494336 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce-386 KMSAN: uninit-value in paths_from_inode
2022/12/19 11:30 https://github.com/google/kmsan.git master 5c6259d6d19f 05494336 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce-386 KMSAN: uninit-value in paths_from_inode
2022/12/15 05:10 https://github.com/google/kmsan.git master 5c6259d6d19f b18f0a64 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce-386 KMSAN: uninit-value in paths_from_inode
2022/12/15 04:57 https://github.com/google/kmsan.git master 5c6259d6d19f b18f0a64 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce-386 KMSAN: uninit-value in paths_from_inode
* Struck through repros no longer work on HEAD.